On 11/28/16, 9:57 AM, "Zane Bitter" <[email protected]> wrote:

>On 28/10/16 08:32, Julien Danjou wrote:
>>> > 2. Content Format
>>> >     The info/data forwarded by Aodh is alarm, not the original event. At here,
>>> > I assume most of the users would like to see the original event, not the alarm.
>> That sounds easy. :)
>
>Not that easy: https://review.openstack.org/#/c/356404/
>
>oslo.messaging data is not supposed to be given out to users, so it has 
>to be sanitised before you can do so safely. I believe Searchlight has a 
>way of doing this. Mistral, as you can see from that patch, punted the 
>problem to the operator.


Searchlight for the most part discards everything except the payload (at least 
as far as an end-consumer is concerned). For some services we also restrict 
access to some information (Nova in particular has some fields that only 
administrators should have access to).


>
>I'd love to come up with some kind of cross-project approach to this (a 
>library?). I don't really care where people source their events from, 
>but if we're maintaining three different ways to do security-critical 
>access control for data produced independently by all of the different 
>OpenStack services, then we're headed for certain disaster.

I agree; we did it in Searchlight because there was no other option (and it 
took a long time to get traction for a self-contained project, let alone for a 
library that at the time would've had only one use case). We've been looking at 
having our listener process accept additional publishing endpoints (Zaqar being 
among them), but we'd certainly be open to making that sanitization code more 
reusable.

Steve
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: [email protected]?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
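
The sanitization step described in this thread (forward the payload, drop the rest of the notification, hide some fields from non-administrators), as an added example that is not part of the original messages and is not Searchlight's code. The function name, the allow-listed envelope keys, the admin-only key list and the sample notification are all assumptions made for illustration.

```python
import copy

# Assumption for illustration: payload keys treated as administrator-only.
# The real list is service-specific and is not given in this thread.
ADMIN_ONLY_PAYLOAD_KEYS = {
    "compute.instance": {"host", "node"},
}

# Assumption: the only envelope keys forwarded alongside the payload.
FORWARDED_ENVELOPE_KEYS = ("event_type", "timestamp")


def sanitize_notification(notification, is_admin=False):
    """Return a new dict that is safe to hand to an end user.

    Only allow-listed envelope keys and the payload are copied, so
    request-context data carried on the message bus is never forwarded.
    Admin-only payload keys are removed unless is_admin is True.
    """
    payload = notification.get("payload")
    if not isinstance(payload, dict):
        raise ValueError("notification has no dict payload")
    event_type = notification.get("event_type", "")
    out = {k: notification[k] for k in FORWARDED_ENVELOPE_KEYS
           if k in notification}
    restricted = set()
    if not is_admin:
        for prefix, keys in ADMIN_ONLY_PAYLOAD_KEYS.items():
            if event_type == prefix or event_type.startswith(prefix + "."):
                restricted |= keys
    out["payload"] = {k: copy.deepcopy(v) for k, v in payload.items()
                      if k not in restricted}
    return out


# Constructed sample notification (not captured from a real deployment).
SAMPLE = {
    "message_id": "00000000-0000-0000-0000-000000000001",
    "publisher_id": "compute.example-host",
    "event_type": "compute.instance.create.end",
    "priority": "INFO",
    "timestamp": "2016-11-28 09:57:00.000000",
    "_context_auth_token": "constructed-token-value",
    "_context_roles": ["admin"],
    "payload": {"instance_id": "constructed-id", "state": "active",
                "host": "example-host", "node": "example-node"},
}

if __name__ == "__main__":
    print(sanitize_notification(SAMPLE))
```
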
